Secure Connections

The SocketTools ActiveX Edition supports the ability to create secure connections using the standard SSL and TLS protocols. For those Internet protocols which support secure connections, it is as simple as setting the Secure property to True or specifying an additional option when the Connect method is called. In some cases, certain protocols have additional options that control how the secure session is established. Secure connections may either be implicit or explicit, depending on the protocol. An implicit connection is one where the client and server begin negotiating the security options as soon as the connection is established. In most cases, a server which accepts secure implicit connections listens on a port number that is different from the default port it uses for standard, non-secure connections. An example of this is the Hypertext Transfer Protocol (HTTP) which accepts standard connections on port 80 and secure connections on port 443. When a client connects to port 443, the server automatically assumes that the client wants a secure connection.

On the other hand, an explicit connection requires that the client explicitly specify to the server that it wants a secure connection. Typically this is done by the client sending a command to the server that causes the server to begin negotiating with the client to establish a secure session. An example of this is the File Transfer Protocol, where the client can use the AUTH command to tell the server that it wants a secure connection. Servers may also support both explicit and implicit secure connections, based on which port the client connects to. SocketTools supports both implicit and explicit secure connections, and this is also controlled by the options provided to the Connect method.

In addition to establishing a secure connection, the client may be required to provide additional authentication information to the server in form a client certificate. A secure server may require that the client provide a certificate in addition to or instead of a username and password. To support this, your application must specify the security credentials for the client prior to establishing a connection. For more information, refer to the CertificateStore and CertificateName properties in the Technical Reference for the control. Additional information about secure connections and certificates is also available in the Developer's Guide.